In a move against international cybercrime, the U.S. Department of Justice (DoJ) announced charges against Rami Khaled Ahmed, a Yemeni national accused of unleashing Black Kingdom ransomware against 1,500 systems worldwide. Targets included a medical billing company in California, a ski resort in Oregon, a school district in Pennsylvania, and a health clinic in Wisconsin....Read More

A recent surge in ransomware claims might signal that the profitability of the cybercriminal trade is beginning to falter and payouts are dwindling. Several cyber threat reports recently showed that ransomware attack claims reached record-breaking levels at the beginning of 2025. However, victims appear to be resisting demands in many cases. BlackFog’s State of Ransomware...Read More

For many years, ransomware has been associated with online extortion, causing businesses to become immobilized as they attempt to recover encrypted data. With cybersecurity teams preparing for these direct attacks, organizations have become accustomed to the risk of frozen systems and locked databases. However, a new and much more pernicious threat is showing up that...Read More

The Medusa ransomware gang has infected more than 300 organizations in critical infrastructure sectors such as the medical, manufacturing and technology industries. That’s according to a joint cybersecurity advisory published Wednesday by CISA, the FBI and the Multi-State Information Sharing and Analysis Center (MS-ISAC). The agencies noted that Medusa — which is not connected to...Read More

A joint advisory released March 12 by the FBI, Cybersecurity and Infrastructure Security Agency, and the Multi-State Information Sharing and Analysis Center warns of activity by Medusa ransomware observed as recently as February. Medusa is a ransomware-as-a-service group that was first identified in 2021.   The group has more than 300 victims from the medical,...Read More

In recent weeks, the DragonForce ransomware group has been targeting UK retailers in a series of coordinated attacks causing major service disruptions. Prominent retailers such as Harrods, Marks and Spencer, and the Co-Op have all reported ongoing incidents affecting payment systems, inventory, payroll and other critical business functions. DragonForce has previously been attributed for a...Read More

BLUE ASH, Ohio (WKRC) – Dr. Gururau Sudarshan, known as Doctor G to his patients, was headed into work one morning last August when workers at his Cincinnati Pain Physicians clinic said they couldn’t get into the computer system. “We contacted my IT person, who was able to look through his server from remote. In...Read More

Oregon DEQ won’t say if ransomware group took employee data in cyberattack Published 11:49 am Monday, April 28, 2025 By Gosia Wozniacka, The Oregonian This June 2017 photo shows the headquarters of Oregon’s Driver and Motor Vehicles Division in Salem.  The Oregon Department of Environmental Quality on Friday declined to confirm or deny reports that...Read More

Microsoft Threat Intelligence Center (MSTIC) and Microsoft Security Response Center (MSRC) have discovered post-compromise exploitation of a zero-day elevation of privilege vulnerability in the Windows Common Log File System (CLFS) against a small number of targets. The targets include organizations in the information technology (IT) and real estate sectors of the United States, the financial...Read More

Listen to the article 4 min This audio is auto-generated. Please let us know if you have feedback. Dive Brief:  Ransomware attacks surged 69% in the global education sector for the first quarter of 2025 compared to the same period last year.  Some 81 ransomware incidents — both confirmed and unconfirmed — hit education internationally...Read More